Information Security Professional I

Facilities and Business Operations:

The Facilities and Business Operations at UCF is dedicated to fostering a conducive educational environment for our faculty, staff, students, and the broader community. We are committed to excellence, providing unparalleled expertise, and maintaining a world-class standard in service.

Please visit us at: https://fs.ucf.edu/ or Facebook and Instagram: UCF Facilities

The Opportunity:

The UCF IT within Facilities and Business Operations is seeking to hire an Information Security Professional I. This role is responsible for supporting Identity and Access Management solutions that contribute to the organization's compliance with frameworks such as NIST SP 800-171 and the Cybersecurity Maturity Model Certification (CMMC). Responsibilities include designing and executing strategies to manage highly privileged accounts, coordinating assessments, maintaining documentation, and ensuring continuous improvement of cybersecurity controls to meet compliance requirements and UCF standards.

Responsibilities:

• Manage and Audit Privileged Accounts: Design and improve processes to track highly privileged accounts and perform annual audits in line with NIST Cybersecurity Framework (CSF) and CMMC requirements.

• Stay Current on Compliance Standards: Maintain up-to-date knowledge of evolving NIST CSF and CMMC requirements and their impact on identity and access management in higher education.

• Promote Awareness and Training: Provide training and raise awareness on policies and procedures related to NIST and CMMC compliance.

• Manage Machine Identities: Develop and enhance processes for tracking machine identities (e.g., service accounts, application registrations, service principals) and audit them annually.

• Support Access Governance: Assist with identity and access management governance activities, including adoption of NIST CSF-based requirements for enterprise resource planning systems.

• Document Processes: Build and maintain Standard Operating Procedures (SOPs) and Work Instructions (WIs) for identity security and related business processes.

• Participate in Change Management: Engage in Change Advisory Board (CAB) processes and configuration management when appropriate.

• Assist with Assessments and Audits: Help prepare for internal and third-party assessments required by NIST CSF, CMMC, and other audits.

• Manage Administrative Access: Develop processes to manage, report, and audit administrative access to endpoints across campus in compliance with NIST CSF and CMMC.

• Contribute to Security Planning: Support the creation and execution of System Security Plans (SSPs) and Plans of Action and Milestones (POA&Ms) related to identity security.

Minimum Qualifications:

Bachelor’s degree; or High School Diploma (or equivalent) and 4 years of relevant work experience in lieu of degree or an equivalent combination of education and experience pursuant to Fla. Stat. 112.219(6).

Preferred Qualifications

• Experience with Identity and Access Management (IAM) tools and processes and hands-on experience managing privileged accounts and machine identities.

• Familiarity with NIST Cybersecurity Framework (CSF), CMMC compliance requirements and knowledge of System Security Plans (SSPs) and Plans of Action and Milestones (POA&Ms).

• Strong understanding of audit preparation and compliance documentation.  

• Ability to create and maintain Standard Operating Procedures (SOPs) and Work Instructions (WIs).

• Excellent communication skills for training and awareness programs.

• Experience working in higher education IT environments or similar regulated industries.

• Relevant certifications such as CompTIA Security+, Certified Information Systems Security Professional (CISSP), or Certified Identity and Access Manager (CIAM).

• Bachelor’s degree in Information Security, Cybersecurity, Computer Science, or a related field.

Special Instructions to the Applicants:

Due to the nature of this role and its involvement with the National Institute of Standards and Technology (NIST) in collaboration with the Department of Defense (DoD) through a federal grant, candidates must be U.S. citizens.

Applicant must be authorized to work for any U.S. employer, as sponsorship is not available for this position now or in the future. 

Position requires a valid Class E driver’s license. This position may involve driving to various locations on and off campus to conduct University business.

The anticipated salary for this position is $56,030- $79,998. The final salary will be determined based on the candidate's qualifications, experience, and internal equity considerations. 

If you are selected as the final candidate for an employment opportunity, both your position and salary will be significantly based upon the information that you have provided in your application for employment. We urge you to please take the time to complete the application in its entirety.

Department

UCF IT Information Security Office

Work Schedule

Monday through Friday, 8:00am to 5:00pm

Type of Appointment

Regular

Expected Salary

$56,030.00 to Negotiable

Job Posting End Date

12-17-2025-12-00-AM

As a Florida public university, the University of Central Florida makes all application materials and selection procedures available to the public upon request.  

UCF is proud to be a smoke-free campus and an E-Verify employer. 

If an accommodation due to a disability is needed to apply for this position, please call 407-823-1336 or email onac@ucf.edu.

For general application or posting questions, please email talent@ucf.edu.